Chapter 14. Virtualization
Configuration options can be used to exclude weak ciphers
Previously, libvirt depended on the hard-coded cipher defaults in
GnuTLS. This made it possible to use weak ciphers. With this update, configuration options to exclude weak ciphers have been added to the libvirtd.conf and libvirt.conf files. In addition, TLS priority support was added to libvirt URIs. As a a result, the list of used ciphers can be customized to exclude weak ciphers. (BZ#1333415)
Improved Hyper-V storage driver performance
The storvsc Hyper-V storage driver was updated from upstream. This provides moderate performance improvement of I/O operations when using the Hyper-V storvsc driver for certain workloads. (BZ#1352824)
Hyper-V clock source changed to use the TSC page
With this update, the Time Stamp Counter (TSC) page is used as the Hyper-V clock source. The TSC page provides a more efficient way of computing the per-guest reference counter value than the previously used model-specific register (MSR). As a result, kernel operations that involve reading time stamps are now faster.
Note that this feature is only supported on 64-bit kernels. (BZ#1365049)
Setting the account password is now possible for any guest user
The
guest-set-user-password command has been introduced for the QEMU guest agent. This allows setting the account password for any guest user, including the root, when using QEMU and KVM. (BZ#1303906)
